Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B120702D0C011EF87A7D27E762E951A.roa
File: 2B120702D0C011EF87A7D27E762E951A.roa (raw, json)
Hash identifier: k+OpiuRY+vKnu/k6A6fUDvHMr/Ulr/6XrRos0ALqQPk=
Subject key identifier: DE:7C:22:77:8F:A3:B4:4F:22:5C:1D:78:9F:BA:91:F1:34:61:85:D6
Certificate issuer: /CN=F368F2D0AR/serialNumber=797D88D813E20FFF982CC7419E969BAEA6BFD69B
Certificate serial: 010635
Authority key identifier: 79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
Authority info access: rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B120702D0C011EF87A7D27E762E951A.roa
Signing time: Sun 12 Jan 2025 08:35:25 +0000
ROA not before: Sun 12 Jan 2025 08:35:21 +0000
ROA not after: Fri 14 Feb 2025 08:35:21 +0000
asID: 142032
IP address blocks: 45.192.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.mft
rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.crl
rsync://rpki.afrinic.net/repository/arin/uHxadfPZV0E6uZhkaUbUVB1RFFU.mft
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/arin-to-afrinic.cer
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.crl
rsync://rpki.afrinic.net/repository/04E8B0D80F4D11E0B657D8931367AE7D/62gPOPXWxxu0sQa4vQZYUBLaMbY.mft
rsync://rpki.afrinic.net/repository/AfriNIC.cer
Signature path expires: Fri 07 Feb 2025 00:26:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 67125 (0x10635)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F368F2D0AR
Validity
Not Before: Jan 12 08:35:21 2025 GMT
Not After : Feb 14 08:35:21 2025 GMT
Subject: CN=67837ecd-ef87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:65:56:1b:02:66:3d:71:6c:1f:92:d3:3f:04:
0b:58:b5:50:01:fc:fa:d8:69:41:c3:4c:29:b9:73:
be:b1:55:ed:38:e1:74:fe:4a:f0:4d:c8:a4:76:a9:
e8:31:b2:f9:25:8d:2d:dd:95:b9:24:69:e0:70:c7:
1e:fd:05:96:db:40:5d:0d:c3:c7:20:5a:88:59:04:
0b:ac:00:f6:de:6c:99:77:9b:10:8d:0c:c0:50:41:
71:a3:ca:ab:26:ad:46:73:84:3f:19:ca:7a:14:32:
e7:84:ed:4c:fd:66:e7:e2:d5:68:7d:8d:8e:25:e2:
08:70:68:73:63:34:62:8a:8a:d3:79:16:f9:f1:f2:
06:28:6f:36:41:88:cd:86:de:ab:28:29:f1:c1:be:
04:72:22:71:ef:4b:e8:53:59:c2:15:43:52:2b:fb:
bb:c4:38:4c:d8:01:04:9a:9b:3b:ce:c1:04:be:4a:
8b:d2:14:b6:ff:5e:d3:63:fb:75:e3:43:bb:0e:ed:
ba:5e:01:cd:73:7c:58:b7:6c:9c:46:bd:4b:6c:52:
d1:03:34:ac:fb:17:bf:22:8f:83:96:92:70:93:9a:
57:56:56:1f:8a:49:e8:b2:ae:e2:51:bc:cb:9c:f7:
43:55:bc:62:92:48:42:3f:09:c3:59:9f:e6:4c:56:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:7C:22:77:8F:A3:B4:4F:22:5C:1D:78:9F:BA:91:F1:34:61:85:D6
X509v3 Authority Key Identifier:
keyid:79:7D:88:D8:13:E2:0F:FF:98:2C:C7:41:9E:96:9B:AE:A6:BF:D6:9B
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/eX2I2BPiD_-YLMdBnpabrqa_1ps.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/eX2I2BPiD_-YLMdBnpabrqa_1ps.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F368F2D0/92F86E1C6E0511E8A1B5854BF8AEA228/2B120702D0C011EF87A7D27E762E951A.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
45.192.96.0/22
Signature Algorithm: sha256WithRSAEncryption
4b:8e:18:9a:ea:4e:84:31:07:ee:56:07:49:9a:9a:36:59:0c:
4b:b6:f9:77:58:69:31:36:96:bc:1b:c3:7b:1a:1b:1b:e5:7b:
79:b3:ba:2a:f5:88:e9:c6:54:88:95:c7:43:ec:af:ab:bf:ea:
24:20:6d:1e:a6:a1:6b:46:13:98:be:a4:eb:6b:06:7b:e1:12:
19:cf:94:87:e8:30:ba:57:5b:84:0b:6c:8e:92:cb:9b:b7:ab:
2f:2b:f7:94:a0:08:b7:d5:2f:d6:f3:25:cd:09:5c:b4:43:39:
9e:da:bf:9a:f6:83:e0:b1:8a:e8:c6:bb:11:ea:7d:60:13:c4:
9d:a3:90:68:01:48:fb:74:63:91:a7:4a:9c:44:c9:92:78:a6:
99:d5:34:c4:3d:52:5f:4b:3a:e1:58:94:da:87:cf:7c:20:6a:
2d:c9:d6:b7:0b:17:ab:1e:65:e7:75:40:4c:e5:48:08:bf:93:
15:76:19:e6:8c:ef:5c:0b:c9:94:9b:3a:bf:cb:5e:2a:8d:09:
cb:db:80:03:71:cd:64:e3:64:1e:a7:ef:e8:8d:9f:d0:7a:aa:
ed:15:78:40:fa:e8:05:9a:a6:a9:7a:c6:45:b5:5a:dd:ae:a5:
34:ef:95:db:60:97:21:0f:c9:b1:8d:13:4c:bc:39:05:0a:f7:
71:3b:f1:56
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgIDAQY1MA0GCSqGSIb3DQEBCwUAMEgxEzARBgNVBAMTCkYz
NjhGMkQwQVIxMTAvBgNVBAUTKDc5N0Q4OEQ4MTNFMjBGRkY5ODJDQzc0MTlFOTY5
QkFFQTZCRkQ2OUIwHhcNMjUwMTEyMDgzNTIxWhcNMjUwMjE0MDgzNTIxWjAYMRYw
FAYDVQQDEw02NzgzN2VjZC1lZjg3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB
CgKCAQEAzWVWGwJmPXFsH5LTPwQLWLVQAfz62GlBw0wpuXO+sVXtOOF0/krwTcik
dqnoMbL5JY0t3ZW5JGngcMce/QWW20BdDcPHIFqIWQQLrAD23myZd5sQjQzAUEFx
o8qrJq1Gc4Q/Gcp6FDLnhO1M/Wbn4tVofY2OJeIIcGhzYzRiiorTeRb58fIGKG82
QYjNht6rKCnxwb4EciJx70voU1nCFUNSK/u7xDhM2AEEmps7zsEEvkqL0hS2/17T
Y/t140O7Du26XgHNc3xYt2ycRr1LbFLRAzSs+xe/Io+DlpJwk5pXVlYfiknosq7i
UbzLnPdDVbxikkhCPwnDWZ/mTFZsWQIDAQABo4ICojCCAp4wHQYDVR0OBBYEFN58
InePo7RPIlwdeJ+6kfE0YYXWMB8GA1UdIwQYMBaAFHl9iNgT4g//mCzHQZ6Wm66m
v9abMA4GA1UdDwEB/wQEAwIHgDCBlQYDVR0fBIGNMIGKMIGHoIGEoIGBhn9yc3lu
YzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJfcmVwb3NpdG9y
eS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFFQTIyOC9lWDJJ
MkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY3JsMGQGCCsGAQUFBwEBBFgwVjBUBggr
BgEFBQcwAoZIcnN5bmM6Ly9ycGtpLmFmcmluaWMubmV0L3JlcG9zaXRvcnkvYXJp
bi9lWDJJMkJQaURfLVlMTWRCbnBhYnJxYV8xcHMuY2VyME8GA1UdIAEB/wRFMEMw
QQYIKwYBBQUHDgIwNTAzBggrBgEFBQcCARYnaHR0cHM6Ly9ycGtpLmFmcmluaWMu
bmV0L3BvbGljeS9DUFMucGRmMIHbBggrBgEFBQcBCwSBzjCByzCBkQYIKwYBBQUH
MAuGgYRyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9tZW1iZXJf
cmVwb3NpdG9yeS9GMzY4RjJEMC85MkY4NkUxQzZFMDUxMUU4QTFCNTg1NEJGOEFF
QTIyOC8yQjEyMDcwMkQwQzAxMUVGODdBN0QyN0U3NjJFOTUxQS5yb2EwNQYIKwYB
BQUHMA2GKWh0dHBzOi8vcnJkcC5hZnJpbmljLm5ldC9ub3RpZmljYXRpb24ueG1s
MB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLcBgMA0GCSqGSIb3DQEBCwUA
A4IBAQBLjhia6k6EMQfuVgdJmpo2WQxLtvl3WGkxNpa8G8N7Ghsb5Xt5s7oq9Yjp
xlSIlcdD7K+rv+okIG0epqFrRhOYvqTrawZ74RIZz5SH6DC6V1uEC2yOksubt6sv
K/eUoAi31S/W8yXNCVy0Qzme2r+a9oPgsYroxrsR6n1gE8Sdo5BoAUj7dGORp0qc
RMmSeKaZ1TTEPVJfSzrhWJTah898IGotyda3CxerHmXndUBM5UgIv5MVdhnmjO9c
C8mUmzq/y14qjQnL24ADcc1k42Qep+/ojZ/QeqrtFXhA+ugFmqapesZFtVrdrqU0
75XbYJchD8mxjRNMvDkFCvdxO/FW
-----END CERTIFICATE-----
Generated at Wed Feb 5 09:51:29 2025 by rpki-client